Arcserve » Arcserve Unified Data Protection : Security Vulnerabilities, CVEs,
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll.
Max CVSS
7.5
EPSS Score
0.04%
Published
2024-03-13
Updated
2024-03-14
A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet.
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-13
Updated
2024-03-14
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() function within wizardLogin.
Max CVSS
9.8
EPSS Score
0.04%
Published
2024-03-13
Updated
2024-03-14
The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolicies method.
Max CVSS
7.8
EPSS Score
94.43%
Published
2015-05-29
Updated
2016-12-06
CVE-2015-4068
Known exploited
Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet.
Max CVSS
9.4
EPSS Score
97.36%
Published
2015-05-29
Updated
2016-12-06
CISA KEV Added
2022-03-25
5 vulnerabilities found